Don't expect data on P2P networks to be private, judge rules

There can be no expectation of privacy in data exposed to the Internet over a peer-to-peer file-sharing network, a federal judge in Vermont ruled in a case involving three individuals charged with possession of child pornography.

The three men had argued that police illegally gathered information from their computers using an automated P2P search tool and then used that information to obtain probable cause warrants for searching their computers. Each of the defendants was later charged with possession of child pornography based on evidence seized from their computers.

In a motion filed earlier this year, defendants Derek Thomas, Douglas Neale and Stephan Leikert asked the U.S. District Court for the District of Vermont to suppress the evidence, claiming it had been obtained illegally.

The defendants contended that the initial use of the automated P2P search tool to gather information on the contents of their computers, constituted a warrantless search of their systems. They maintained that police violated Fourth Amendment provisions against unreasonable search by looking at private files on each of their systems using the P2P search tool.

They also argued that several of the statements made by investigators to show probable cause for the search warrants were based on incorrect information.

In a 39-page ruling released Friday, District Court Judge Christina Reiss denied the motion to suppress and held that the defendants had essentially given up privacy claims by making the data publicly available on the Internet over a P2P network.

"The evidence overwhelmingly demonstrates that the only information accessed was made publicly available by the IP address or the software it was using," Reiss wrote. "Accordingly, either intentionally or inadvertently, through the use of peer-to-peer file sharing software, Defendants exposed to the public the information they now claim was private."

The ruling is similar to ones reached by other courts in disputes involving documents exposed on the Internet via peer-to-peer networks. Courts in the 11th Circuit, 10th Circuit and 8th Circuit have all held that there can be no expectation of privacy if the contents of a computer can be accessed freely over the public Internet via a file sharing network.

Thomas, Neale and Leikert were arrested and indicted last year in a federal and state law enforcement operation named "Operation Greenwave," that targeted people who use peer-to-peer file sharing networks to distribute child pornography.

As part of the operation, investigators used a suite of software tools, collectively known as the Child Protection System, from privately held TLO LLC, to conduct automated searches for files containing images of child porn on P2P networks. The system allowed investigators to search multiple file-sharing networks using query terms commonly associated with such files.

When a computer on any of the networks responded with a query-hit message indicating it had a file matching the query term, the software recorded the IP address, hash values of the files, the actual file names, date and time of response and other details of the computer. The hit message identified files on a particular system that matched the query terms and were available for download by other users on the same P2P network.

The software allowed investigators to automate the process of sending out queries and receiving search results. It even allowed them to filter results in such a manner as to ensure that the only hits returned were from IP addresses within each investigator's jurisdiction.

The searches showed that computers belonging to the three defendants contained files with digital signatures that exactly matched files that were known to contain images depicting the exploitation of children. Investigators used this information to obtain the probable cause search warrants that eventually led to the arrest and indictments of the three individuals.

In rejecting the motion to suppress the evidence, Reiss noted that the automated search tool had not opened or downloaded any of the files on the defendants' computers. All the tool did was identify files that the defendants themselves had made publicly available for download on the Internet via a P2P network.

The fact that the tool used to conduct the search was proprietary or automated does not make a difference, the judge ruled. The same results would have ensued if investigators had conducted the searches manually.

"This software is designed to replace the searches that were previously done manually by law enforcement and the public. The software reports information that is discoverable by the general public using publicly available P2P software," the judge said. There was nothing in the evidence or the arguments presented by the defense to show that the tool had somehow accessed private files that were not meant for sharing, she said.

Pointing to previous rulings in similar cases, the judge noted that even if the defendants had meant to keep the files private, the fact that they were publicly accessible negated any expectations of privacy. "Defendants conveyed certain information to the public when they used peer-topeer file sharing software and made certain files available for sharing," she wrote.

Copyright 2016 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.